6 matches found
CVE-2002-0638
CVE-2002-0638 concerns the util-linux package’s login utilities (notably setpwnam.c used by chfn/chsh). The advisory describes a race condition caused by inadequate locking of a temporary file used when modifying /etc/passwd, enabling a local attacker to escalate privileges. The issue affects Red...
CVE-2002-1232
CVE-2002-1232 describes a memory leak in ypserv’s ypdb_open (yp_db.c) affecting the NIS package prior to version 2.5. Repeated remote requests for non-existent maps can exhaust memory, causing a denial-of-service condition. Multiple vendor advisories document this issue (e.g., Mandrake MDKSA-2002...
CVE-2002-0836
The CVE-2002-0836 issue affects the tetex family (notably dvips in tetex-bin) where the kpathsea/library code calls system() insecurely. This enables remote command execution via crafted DVI/print jobs, potentially involving fonts. See related advisories (Debian DSA-207-1, RHSA-2002:195, etc.) de...
CVE-2001-1563
CVE-2001-1563 refers to a vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 where attackers could access servlet resources. The vendor advisory is vague about full scope, but a public remediation exists: Apache Tomcat 3.2.4 fixes this issue. While the exact root cause isn’t deta...
CVE-2002-0835
The CVE-2002-0835 issue affects the PXE (Preboot eXecution Environment) server component used on Linux-like systems (e.g., Red Hat Advanced Server) and SCO OpenLinux. Description across connected sources states that the PXE server can be crashed, causing a denial of service, when processing certa...
CVE-2001-1506
The CVE-2001-1506 entry concerns HP Secure OS Software for Linux 1.0, where the file system protection subsystem permits local users to gain additional privileges beyond the configured protection rules, enabling unauthorized operations on restricted files. The available sources describe the vulne...